Ceviss Final Report V. 1.0 2020-12-07 1

Cloud enhanced Vehicle intelligent Sensor Sharing (CeViss) Kristian Jaldemark, Carmenta 2020-12-07

AD Aware Traffic Control Project CeViSS Cloud enhanced Vehicle intelligent Sensor Sharing December 2020

Executive Summary This document is the concluding report of the CeViSS (Cloud enhanced Vehicle – intelligent Sensor Sharing); a joint Drive Sweden project that has run from January to December 2020. The project was financed in part by Vinnova / Drive Sweden with partnership including Carmenta, CEVT, Ericsson, Volvo Cars and Veoneer. The primary goal of the project was to extend the previously established AD Aware Traffic Control cloud with functions to study and demonstrate how the central cloud platform can be used to collect and enhance critical traffic information before safely sharing it between automotive actors.

The project successfully demonstrated how data registered by a Veoneer vehicle’s sensors, was collected, analyzed and enhanced in real-time on the central cloud level and then shared with the two project OEM partners; CEVT and Volvo Cars. Their connected cars could then take appropriate action and more precisely mitigate the hazard on their road ahead. The project also showed how the Central Traffic Cloud could send instructions to the Veoneer and CEVT cars such as a recommended speed inside geofences (to be used by the Adaptive Cruise Control (ACC)) and search requests to look for specific symbols or texts (e.g. license plate numbers).

Tests were also done where the Central Traffic Cloud had direct control of on-board cameras to start sending video when the Veoneer’s test vehicle approached an accident scene. Images or live video from the scene have the potential to give 112 operators and first responders a better understanding of the situation and help dispatch the right resources as well as make a more detailed planning of the rescue operation before arrival. A series of workshops was arranged during the project with representatives from two rescue organisations to get their response on the value of the technology. Both KatastrofMedicinskt Centrum (KMC) and SOS Alarm confirmed that when planning a rescue operation as well as when organizing the work at the scene it is important to collect as much information as possible about the accident area. Images or live video transmitted from a recent accident under strict control have the potential to improve rescue operations.

As the sharing of sensor data in such a way have possible privacy concerns, the legal aspects was also investigated. The results of the legal study is documented in a separate report, added as an appendix to this document.

The main deliverables from the project were live proof-of-concept trials performed at several occasions with final tests successfully completed at AstaZero test track, October 19, 2020. A film documenting these tests and explaining the project results was produced and a presentation held at a webcasted Drive Sweden event on December 1, 2020 concluded the project

The project has based its work on the cloud-based platform that was created in the project ”AD Aware Traffic Control” (2016-04302), and further extended in the project ”AD Aware Traffic Control Emergency vehicles” (2017-01985) and the following ”AD Aware Traffic Control – Advanced Cooperative Driver Assistance” project (2018-03991). The project used technology in Drive Sweden Innovation Cloud and its results will be integrated in this innovation platform for future use.

CeViSS Final Report v. 1.0 2020-12-07 1

Version History V0.1 20201026 First skeleton Mikael Gråsjö, Carmenta V0.2 20201026 Ericsson add on Anders Fagerholt, Ericsson Anders Olander, Ericsson V0.3 20201111 CEVT add on Marie Höglund, CEVT V0.4 20201127 Carmenta first text additions Mikael Gråsjö, Carmenta V0.5 20201130 Carmenta complementary texts Mikael Gråsjö. Carmenta V1.0 20201207 Final version Mikael Gråsjö, Carmenta

Table of Contents

Executive Summary ...... 1

Version History ...... 2

Table of Contents ...... 2

Appendices ...... 3

Glossary ...... 4

Project participants ...... 5 Volvo Cars ...... 5 Ericsson ...... 5 Carmenta ...... 5 CEVT ...... 5 Veoneer...... 5

System Solution ...... 6

Use Cases ...... 6 Cloud Enhanced Pedestrian Detection ...... 7 Cloud Enhanced Moose Detection ...... 7 Cloud Enhanced Still-Standing Car Detection ...... 7 Cloud Enhanced HLA Warnings ...... 7 Cloud Enhanced Accident Scene Assessment ...... 8 Cloud Enhanced License Plate Recognition ...... 9

Systems part of the end-to-end data flow ...... 9 The Veoneer Vehicle ...... 10 The Central Traffic Cloud/Carmenta TrafficWatch™ ...... 10 The Interchange Node ...... 11 The CEVT Cloud ...... 13 The CEVT Car ...... 13

CeViSS Final Report v. 1.0 2020-12-07 2

The Volvo Cloud/Volvo Cars Command Center ...... 13 The Volvo Car ...... 13

Result and Findings ...... 14 Live Testing and Film Production...... 14 Technical Capabilities Summary ...... 14 Findings about Cloud Enhancement of Sensor-Detected Hazards ...... 15 Findings about Cloud Enhanced Accident Scene Assessment ...... 15 CEVT specific findings ...... 15 Findings about GDPR and Legal Aspects ...... 15

Future Work ...... 16

Next Step ...... 16

Deliverables ...... 17 WP1 – Central Traffic Cloud Sensor Data Integration ...... 17 WP2 – Enhanced Cooperative Traffic Safety using Vehicle Sensor Data ...... 17 WP3 – Volvo Cars Traffic Control ...... 18 WP4 – CEVT Traffic Control and Adaptive Safety ...... 18 WP5 – Veoneer Sensor Platform Integration ...... 19 WP6 – Data exchange and connectivity coverage ...... 19 WP7 – Legal aspects & evaluation ...... 20

Appendices

Appendix 1. Data Privacy Compliance Report. CEVT Document; V1.0 05112020 Gabor Molnar, November 5, 2020

CeViSS Final Report v. 1.0 2020-12-07 3

Glossary AD Autonomous driving AMQP Advanced Message Queuing Protocol C-ITS Cooperative Intelligent Traffic System C-Roads EU project to harmonize and cross boarder test C-ITS https://www.croads. eu/platform.html CAM ETSI Cooperative awareness message CEVT China Euro Vehicle Technology (Geely / Volvo Cars owned OEM) CoordCom Carmenta´s emergency control room and communication product CTC Central traffic cloud (Drive Sweden Innovation Cloud) DATEX II EU standard for communication between traffic management centers DENM ETSI Decentralized Environmental Notification Message EV Emergency vehicle EVA Emergency Vehicle Approaching EU CEF EU project type, Connecting Europe Facility GDPR General Data Protection Regulation GPS Global Positioning system HLA Hazard Light Alert HMI Human-Machine Interface IHU Infotainment Head Unit ITS-G5 ETSI standard for short range ad-hoc communication, 5.9 GHz MPP Most probable path (of the emergency mission) MSB Swedish Civil Contingencies Agency MQTT Message Queuing Telemetry Transport OEM Original Equipment Manufacturer (Car manufacturer) PSAP Public safety answering point RSI Road Surface Information TLS Transport Layer Security UI User Interface UX User Experience VCC Volvo Car Corporation Zenit The System of SOS alarm

CeViSS Final Report v. 1.0 2020-12-07 4

Project participants Volvo Cars Our purpose is to deliver the freedom to move in a personal, sustainable and safe way by offering mobility, regardless of what that looks like or who wants to use it. AD has the potential to unlock a number of benefits for the consumer. Creating a safer traffic environment, enabling a more efficient utilisation of vehicles and freeing up time are some of them. Moreover, Volvo Cars is joining forces with other car manufacturers, service providers and national governments in a ground-breaking, pan-European pilot project to share traffic safety data that is generated by cars and infrastructure. Ericsson Ericsson is a global leader within communication systems and services. 40% of mobile calls are made through Ericsson systems and more than 2 billion people use its networks. Now, Ericsson is leading the development towards a Networked Society, where everything that benefits from being connected will be connected. The Transport sector will benefit extensively from getting connected, cooperative and automated. Ericsson is now developing and implementing communication services and cloud services to support this development. The next generation of mobile networks, 5G, is now being developed to fully support connected automation and new mobility services. Drive Sweden is a key project, with leading partners and use cases to ensure relevant and innovative input the development of 5G and related services. Carmenta Carmenta is a privately held Swedish company, founded in 1985, with offices in Sweden, Germany, France and Spain. Carmenta has been supplying world-class software for mission-critical systems for more than 30 years – systems in which superior situational awareness is the key to success. Carmenta provide high performance software products, develop client-specific solutions and offer a wide range of services that help some of the world’s most technologically advanced customers optimize their operations using real-time geospatial information. Its technology is designed to meet the highest standards focusing on high performance, high availability, openness and scalability, and ease of use. Carmenta’s customers are found globally with a concentration in Europe. Carmenta provides command and control technology for connected and autonomous vehicles which helps traffic network operators to improve traffic control and increase road safety. Background maps with integrated sensor data, weather forecasts, video streams and other information provide the type of common operational picture that will be necessary for the command and control systems of the future. CEVT Mobility solutions for a different tomorrow - CEVT is an innovation and development center for future technologies of the Geely Group with the purpose of being at the forefront of new developments in mobility. The whole industry is now undergoing a transformation with new ways of thinking about the car as a product. CEVT is a fast growing, fast moving and exciting company where no day is like the other – where the challenges of tomorrow are on our working table today. CEVT consists of some 2000 people with offices in Gothenburg and Trollhättan in Sweden and currently works on projects for the car brands Volvo Cars, Geely Auto and Lynk & Co. CEVT is a subsidiary of Zhejiang Geely Holding Group. For more information about CEVT, go to www.cevt.se. Veoneer Veoneer is a worldwide leader in automotive technology. Our purpose is to create trust in mobility. We design, manufacture and sell state-of-the-art software, hardware and systems for occupant protection, advanced driving assistance systems, and collaborative and automated driving to vehicle manufacturers globally. Founded in 2018 as a spin-off from Autoliv, Veoneer builds on a heritage of close to 70 years of automotive safety development. Headquartered in Stockholm, Sweden, Veoneer has 9,200 employees in 13 countries. In 2018, sales amounted to $2.2 billion. Veoneer is listed on the New York Stock Exchange and on Nasdaq Stockholm.

CeViSS Final Report v. 1.0 2020-12-07 5

System Solution Following on the work done in previous AD Aware Traffic Control projects, the system solution has been extended by adding a communication solution to the Veoneer backend system and vehicles (see the figure below). Updated was also the channel for sending ADAS information to the CEVT Cloud, the vehicle control center system operated by CEVT. A new HMI prototype for the mitigation of hazards by the car ADAS system was also added by CEVT.

Figure 1. Overview of the AD Aware Traffic Control system, extended by the CeViSS project (orange boxes).

The Central Traffic Cloud (CTC) is designed to serve any number of OEM clouds by aggregating data of interest, including information about traffic, weather and ongoing rescue missions. The CTC’s central function is to monitor the overall situation and with automation support trigger alerts to the OEM clouds if there are hazardous events detected in the road network. The CTC implements a Publish/subscribe and Request/response mechanism for data exchange based on messaging following the DATEX II and/or ETSI DENM standards.

The current project added functions to CTC for sending data to, and receiving sensor information from the sensor platform on Veoneer vehicles. All received data from the Veoneer sensors as well as Hazard Light Alerts collected from the OEM cars were cloud-enhanced before being issued as Hazardous Location Notifications (HLNs) to the OEMs. Live video streams were used by a CTC Operator to visually verify each hazard and all feature-detected objects were map-matched against other data to determine its level of danger. A good example of this was to match the geolocation of a detected moose to a wildlife fence database to only send a serious warning from the central level when the moose is trapped inside a fenced part of the road. The HMI prototype in the CEVT car was then used for testing a smart ADAS solution for the driver to choose different actions to either pass a hazard with slow speed or totally avoid by selecting an alternative route.

Use Cases In order to find appropriate use cases the project studied and was inspired by work done in the area of Cooperative Intelligent Transport Systems (C-ITS) i.e. technologies and applications to exchange data between vehicles and infrastructure (vehicle-to-infrastructure or V2I). The European ITS Directive lists a set V2I services defined as “day 1” services to be deployed in the short term as the most prioritized ones contributing to road safety and traffic efficiency.

The project selected the following Use Cases from the C-ITS day 1 services list to be implemented and tested:  Animal or person on the road  Accident Zone (unprotected accident area)  Stationary vehicle

CeViSS Final Report v. 1.0 2020-12-07 6

The Sensor Platform on the Veoneer test car was configured to detect and classify these potentially risky objects while driving, and in real-time send their GPS position and type together with a video recording to the Central Traffic Cloud for further analysis. If deemed dangerous by CTC; warnings were sent to CEVT cars using the ETSI DENM messaging format through the Ericsson Interchange Node. Read below for more details about the individual Use Cases.

Cloud Enhanced Pedestrian Detection While driving along the AstaZero rural test track the sensors on the Veoneer test car detects a pedestrian walking on the road. A message about the pedestrian is automatically sent to the Central Traffic Control (CTC) and the car’s on-board cameras are activated to also record and send a live video sequence of the observation to CTC. After analysis the video is discarded.

The pedestrian’s position is automatically map-matched with road data from NVDB, the National Road Database from the Swedish Transport Administration, and the CTC system finds that the pedestrian is on a motorway, a road type where pedestrians are not allowed. An ETSI DENM message is automatically published by CTC on the Ericsson Interchange Node and received by CEVT’s and VCC’s OEM Clouds.

The CTC Operator is notified about the Pedestrian on a Highway road and can see on the situation map and use the video recording to visually verify the potential hazard.

CEVT’s and VCC’s OEM Clouds send the DENM warnings to their connected vehicle fleet and approaching vehicles use their smart ACC functions to automatically lower the speed when passing the area.

Cloud Enhanced Moose Detection While driving along the AstaZero rural test track the sensors on Veoneer test car detects a large animal (a moose decoy). A message about the animal is automatically sent to the CTC and the car’s on-board cameras are activated to send a live video sequence to CTC. The animal’s position is automatically map-matched with a wildlife fence data layer from STVDB, the State-owned Roads Database from the Swedish Transport Administration, and the CTC system finds that the large animal is inside a wildlife-fenced part of the road. An ETSI DENM message is automatically published by CTC on the Ericsson Interchange Node and picked up by CEVT’s and VCC’s OEM Clouds.

The CTC Operator is notified about the large animal on the wrong side of a wildlife fence and can see on the situation map as well as using the video recording to visually verify the potential hazard in the form of a large moose. CEVT’s and VCC’s OEM Clouds send the DENM warnings to the their connected vehicle fleet and approaching vehicles use their smart ACC functions to automatically lower the speed when passing the road section where the moose was detected.

Cloud Enhanced Still-Standing Car Detection When the sensors on Veoneer test car detects a still-standing car, a message is automatically sent to the CTC and the car’s on-board cameras record a live video sequence that is sent to CTC. The detected car’s position is automatically map-matched with road data from NVDB and the CTC system finds that the car is situated on a high-speed road section and therefore a risk. An ETSI DENM message is automatically published by CTC on the Ericsson Interchange Node and picked up by CEVT’s and VCC’s OEM Clouds. Their cars receives a DENM HLN warning to automatically use their smart ACC functions to lower the speed when passing the still-standing car.

Cloud Enhanced HLA Warnings This Use Case re-used the end-to-end data flow that was implemented in the previous AD Aware project where alert signals were sent to CTC from VCC and CEVT cars when their hazard lights were turned on. In this project the CTC compared the received HLAs with ongoing traffic incidents and could map-match their geolocations with previously reported accident locations. This both confirmed that the accident actually happened and that it affects the traffic in the area.

CeViSS Final Report v. 1.0 2020-12-07 7

Cloud Enhanced Accident Scene Assessment

Summary of workshops with KMC and SOS Alarm Workshops were performed during the project with two different rescue organisations to get their response on the value of getting sensor data such as live video transmitted from a recent accident scene. Both KatastrofMedicinskt Centrum (KMC), i.e. the “Centre for Teaching & Research in Disaster Medicine and Traumatology” and SOS Alarm, the Swedish 112 operator, confirmed that; when planning a rescue operation as well as when organizing the work at the accident scene, it is important to collect as much information as possible about the immediate accident as well as the area around. Some of the findings from the workshops can be summarized:  To have an overview of the accident scene is often difficult and would be helpful to get.  Safety is very important when arriving to an accident scene. To avoid more casualties.  Information about involved vehicles could be safety critical: o Dangerous goods/substances; this is one of the first questions that has to be answered. o Engine/vehicle type; fossil fuel and/or electric? Crucial information from a fire risk perspective.  Valuable information before arriving is, also for early invoking special resources: o If children are involved o If there is a fire or immediate risk for fire on the scene (note: supposedly also gas or other dangerous substances)  It would be beneficial to turn on sensors early and send data to the rescue center to get information about the traffic conditions, vehicle flow, if there are ques or road blocks etc.  Also sensor data such as temperature and if it rains or is snowing is valuable information

Michael Zantelid, Business Developer at SOS Alarm Sverige AB, expressed their interest in the technology; ”When planning a rescue operation it is important to collect as much information as possible about the accident scene. Images or live video from the scene would improve our understanding of the situation and help us dispatch the right resources.”

The Accident Scene Use Case A traffic accident is reported to SOS Alarm through a 112 call and a rescue operation is launched. This triggers a message to be automatically sent from the SOS Alarm PSAP system to the CTC with the geolocation of the accident; a capability of the AD Aware Traffic Control platform developed in a previous project. The CTC automatically creates a virtual geofence with a 500 meter radius around the accident location and activates GPS tracking of all sensor-equipped (Veoneer) cars close to the accident. The CTC detects that a Veoneer car pass into the accident geofence and automatically sends two messages to the Veoneer car:  Activate the Veoneer Smart ACC function to lower the speed while approaching the accident scene.  Activate the cameras in the Sensor Platform to start sending pictures or a video stream to CTC.

An Operator in CTC is notified about the Accident and can visually follow the Veoneer car on the situation map as it approaches the Accident Scene. The Operator can also observe the situation through the live video stream and visually study and assess the accident scene and its surroundings. The Veoneer car stops close to the accident scene when it arrives while continuously sending live video. The CTC Operator observe the accident scene through the live video and sees that one car is involved and a bicycle is laying in front of the car with an apparently wounded adult person laying on the ground. Smoke is coming from the car involved.

The following part was not tested in the project but was both conceptually and technically deemed viable and was included in the CeViSS film as a fictional ending of the Use Case scenario. The live video stream is relayed to the SOS Alarm Center to help their operators dispatching the right resources and the video stream is then further relayed to the dispatched rescue team in their emergency vehicles while driving to the accident. The rescue team leader can get ahead in the planning of the operation. Once the rescue team arrives to the accident scene they take over the scene and start their rescue operation. CTC then sends a message to the Veoneer car to turn off cameras.

CeViSS Final Report v. 1.0 2020-12-07 8

Cloud Enhanced License Plate Recognition This Use Case was designed to test the Veoneer vehicle sensor platform’s ability to feature-detect and recognize specific signs and texts in the traffic environment. A message is sent from CTC to the Veoneer car with a list of license plate number to look out for. The Veoneer on-board feature detection system identifies license plate numbers on all cars in its sensor range. When a number from the list is recognized, a message with the car geolocation, heading and license plate text is automatically sent to CTC. For visual confirmation also a snapshot image of the license plate and a short video sequence is sent to the CTC.

The CTC receives the license plate recognition message and the geolocation of the identified car is shown on the situation map. The Operator also confirms that the right number is recognized by visually studying the photo snapshot. Information about the found car is then ready to be distributed to the proper authorities

Systems part of the end-to-end data flow The information exchange between the different systems from partners in the project constitutes an end-to- end flow of messages. Warning messages are starting from the sensor platform in a Veoneer car and going to connected OEMs (i.e. CEVT and VCC) over a central cloud (i.e. CTC). The figure below illustrates the data flow and the systems it passes. Following in this chapter are more detailed descriptions on each systems part of the data flow.

Figure 2. Schematic view of the end-to-end data flow developed and tested in the CeViSS project.

CeViSS Final Report v. 1.0 2020-12-07 9

The Veoneer Vehicle The Veoneer vehicle used in the project for testing and proof-of-concept development was a Volvo XC90 with a sensor platform summarized in the figure below.

Figure 3. The Veoneer Vehicle Sensor platform.

Veoneer developed and tested a communication solution for the vehicle that was used in the project to receive messages from CTC and send data back to CTC. The Central Traffic Cloud/Carmenta TrafficWatch™ The main capabilities implemented and tested in previous AD Aware projects were to build and maintain an aggregated traffic situation picture for a cloud-based traffic center system and to automatically detect traffic incidents that may result in hazardous situations for connected OEMs vehicles. And then, depending on the nature and seriousness of the situation, automatically as well as interactively by an operator dispatch guidance and/or warning messages to the OEMs. The traffic situation picture established in previous projects and used for testing was mainly composed of the following parts:  A detailed background map.  The geometry and characteristics of the physical road network.  Real time traffic information.  Geolocation and most probable path for emergency vehicles driving to accidents.  Geolocation of accidents.  OEM AD & ADAS vehicle hazard light events.  Weather data including road conditions.  Low friction road segments (NIRA RSI service).

In the current project the ability to send specific instructions to the vehicle was added such as a lowering the speed when inside a geofence or inserting a list of wanted license plate numbers to look out for by the sensors feature detection algorithms. CTC was also extended to directly control the onboard sensors such as turn the video camera on and off. The following parts were then added to the situation picture:  Geolocation of sensor-detected objects such as pedestrians, large animals (moose) and still-standing cars.  Dynamic geofences around unprotected accident scenes.  Live video streams from sensor platform cameras while inside accident scene geofences.  Geolocation of cars on which specific license plate numbers have been detected.

CeViSS Final Report v. 1.0 2020-12-07 10

To support the selected Use Cases some special functions were used to cloud-enhance observations received from the car sensors:  The geolocation of large animals detected by the Veoneer sensors were map-matched in real-time with the geo location of wildlife fences (STVDB data files from the Swedish Transport Administration). A DENM Warning message was only issued in the case the large animal was inside a fenced section  The geolocation of pedestrians detected by the Veoneer sensors were map-matched against Road Class data (NVDB data files from the Swedish Transport Administration).

Only observations causing an imminent danger were then published on Ericsson’s Interchange Node as enhanced warnings for further use by the CEVT and VCC clouds. The Interchange Node The Interchange node was developed by Ericsson in NordicWay 1 and developed further in Nordicway2, it was also used in the previous AD Aware projects. Interchange nodes has also been developed in Norway and Finland. It is an AMQP (Advanced Messaging Queening Protocol) publish-subscribe message broker. Technical details can be found in:  Nordic Way Service Definitions Services and Use Cases Deliverable D22 (Part 1).  Nordic Way Service Definitions Messages Deliverable D22:2 (Part 2).  Nordic Way Client Specification AMQP Client Specification.

These documents will be found on the Nordic Way homepage by the end of 2020 (https://www.nordicway.net/).

Interchange Component Overview

Figure 4. Interchange Component Overview.

The software components providing the building blocks are:  AMQP broker: Implemented using Apache QPID server and running in a Docker container.  Geo Lookup: Implemented using PostGIS and running in a Docker container.  Security: Implemented using TLS, Ericsson provides the certificates to the on-boarded partners on the Interchange.  User and Queue Management: Ericsson provides this.  Interchange application: Is the Interchange logic and is implemented using Node JS. This application is running in a Docker container. For logging purposes MySQL is used and is running in a Docker container.

CeViSS Final Report v. 1.0 2020-12-07 11

Figure 5. Generic Deployment Architecture.

Figure 6. Nordic Way Interchange Components.

The Swedish Nordic Way / CeViSS -Interchange is installed in the xerces.ericsson.net environment with two (2) instances, production instance and staging instance. The xerces.ericsson.net environment is operated by Ericsson Research.

Messages Transiting the Interchange

Figure 7. Message Stack.

The AMQP application properties are used to identify the payload, the format of the payload, any related mime types and versions of the payload.

CeViSS Final Report v. 1.0 2020-12-07 12

The CEVT Cloud The CEVT Cloud receives hazard alerts from Carmenta and relays those hazard alerts to only the cars that are in the proximity of the hazard. This is so that CEVT can handle the communication with cars within their company and makes sure that each car only gets information that is specifically relevant to them. The CEVT Car The CEVT cars stores the history of where it has driven before and uses this to predict where it is going next. Therefore, even if the driver hasn’t entered a route in the navigation system there will often be an expected route predicted for the car. The car then responds to the hazard information in two different ways, if the expected route and the hazard overlap: 1. The car checks if there is an alternative route to the expected destination that avoids the hazard area. If there is one, it shows up as a recommendation to the driver. 2. If there is no alternative route or the driver ignores it, and the ACC is active. Then the car will automatically reduce the ACC speed setting when it enters the hazard area.

The goal with smart ACC is to simulate partially what AD vehicles level 4/5 should do when they approach an accident scene or other dangerous road conditions reported by other vehicles or sensors on the road. Smart ACC is possible to implement in AD level 2 but some of the use will be lost as not that many are actively using it on smaller roads. The Volvo Cloud/Volvo Cars Command Center The processing required to realize the Connected Safety function is located within the Volvo cloud and provides a global service to all its cars. All Volvo cars that have this option enabled communicate their position to the cloud at regular intervals and each position is mapped matched to a road. If any of the connected cars detects a situation and activates its hazard lights this is sent to the Volvo cloud and again map matched.

In the current project the connection developed in the previous project was re-used to also send the Hazard Light Alert (HLA) from selected cars to the Central Traffic Cloud. This was used in the “Still-standing car” use case where the CTC forwarded the HLA warning as a standardized ETSI DENM message to the CEVT Cloud. The Volvo Car The Connected Safety function was re-used from the previous project to inform the driver whether another vehicle further ahead on the same road has activated its hazard warning flashers. In the project these warnings was shared also to another OEM (CEVT) through the CTC connection.

The function is intended to make a driver aware that there may be a potentially dangerous traffic situation further ahead on the same road.

CeViSS Final Report v. 1.0 2020-12-07 13

Result and Findings Live Testing and Film Production The project did extensive testing of all system-to-system communication while implementing the functions to support the selected Use Cases. Live testing of parts of the data flow was also done continuously throughout the project. Final live testing of the complete end2end dataflow as well as showcasing all Use Cases was successfully done during one day at the AstaZero Test Track on October 19, 2020.

The figure below shows the test setup for the different Use Cases.

Figure 8. Schematic overview of the test setup at AstaZero test track.

The live testing at AstaZero was filmed on site and the resulting video can be found at the Drive Sweden project page: https://www.drivesweden.net/en/projects-5/ceviss-cloud-enhanced-cooperative-traffic-safety-using-vehicle- sensor-data Technical Capabilities Summary The project have added a number of specific technical capabilities to the AD Aware Traffic Control platform:  Remote control of vehicle sensors from a Central Traffic Cloud: o Activate cameras for operator verification of sensor-detected hazards o Activate cameras for early assessment of accident scenes o Assign search criteria for texts and numbers for license plate recognition o Cloud enhancement of detected potential hazards:  Map-matching of hazard locations with other data like wildlife fences and road types o Aggregation of Hazard Light Alerts and map-matching with other hazards o Verification of hazards through live video  More precise ADAS guidance: o Smart adaptive speed control for safe passage of hazards o Automatic re-routing to avoid road-blocking hazards

CeViSS Final Report v. 1.0 2020-12-07 14

Findings about Cloud Enhancement of Sensor-Detected Hazards Some specific project findings are:  The AD Aware Traffic Control platform was extended to handle data and warnings from vehicle sensors.  The Central Traffic Cloud could use data from other sources to enhance the vehicle sensor warnings (e.g. only warn if moose is on a wildlife fenced road).  Having a centralized system was an efficient way to enhance data for sharing among OEMs and other parties. Findings about Cloud Enhanced Accident Scene Assessment Some specific project findings are:  The AD Aware Traffic Control platform was extended to control Veoneer’s vehicle sensors (e.g. turn video stream on and off).  Live video was streamed from the vehicle camera and shown in the Central Traffic Cloud Operator UI.  The Accident scene was visually assessed by a CTC Operator using the streamed video.  The live video stream could be relayed to a rescue center and used to dispatch the right resources and further sent to the dispatched rescue team in their emergency vehicles to better plan their work at the accident scene.  More findings and benefits of using video to assess an accident scene can be found in Chapter “Summary of workshops with KMC and SOS Alarm” above. CEVT specific findings Some specific findings from CEVT in the project are:  Navigation provider needs to be selected carefully to support the functionality needed from the vehicle app (e.g. route prediction, re-route feature and map drawing tools)  Data consumption might be a concern when it comes to updating vehicle position in a high update rate.  Navigation provider needs to be updated with latest road changes to avoid rerouting the vehicle to a non-valid road.  More studies need to be done to define the details of smart ACC settings related to speed handling and safety on the road.  In regards of the user experience interface it is important to filter out what is not useful for the user to minimize distraction and adapt it to the user  Explore the best solution in regards of data privacy and the amount of communication transfer. Define where to draw the line.  It is important to keep a constant monitoring of the possibilities of innovation vs the invasion to data privacy. It is becoming easier and easier to collect data but at the same time, reservations about large data collectors are growing. It is a question how these technical solutions and the related data usage would be perceived by the public and if it would be considered by people as an invasion to privacy. Therefore, to eliminate data privacy related uncertainties, it is recommended to further investigate into the topic which are mentioned in this Data Privacy Compliance Report (Appendix 1). Findings about GDPR and Legal Aspects A thorough study and review of GDPR and legal aspects of using sensor data from vehicles was done in the project. The results from this study can be found in the document; “Data Privacy Compliance Report”, added as Appendix 1 to this report. Below is a summary.  Data Privacy regulations in the European Union generally allow the implementation of innovative solutions in vehicles where personal data are processed, like using sensors to inform the driver about potential hazards on the road. Personal data processing shall be especially allowed in those cases, when road safety and road management could be improved. However, there are certain limitations relating to what personal data can be processed, for what purposes and how these processing activities can take place. These limitations shall be considered in the vehicle development process, during negotiations between involved parties, when contracts are concluded and especially when solutions are later implemented and personal data of individuals are processed.

CeViSS Final Report v. 1.0 2020-12-07 15

 The GDPR principles shall be followed from day one in a vehicle development process, starting from the conceptual phase. For example, the principle of purpose limitation is one of the key GDPR requirements, which means that personal data shall be collected for specified, explicit and legitimate purposes.  Special attention is required for processing of those type of personal data which are considered sensitive due to their potential impact on the rights of interest of data subjects, like data concerning health or geolocation data.  Identification of involved parties, potential recipients of personal data and their responsibilities from GDPR perspective is critical. The primary responsible parties for personal data processing are the so called Controllers and the Controllers shall instruct and give directions to the other parties about how to allow personal data processing.  Automated decision making can cause significant risks for individuals' rights and freedoms which require appropriate safeguards, therefore it requires special attention during development.  To follow the GDPR data minimization principle properly, implementation of hybrid type of personal data processing seems to be the most accurate way, for example for destination prediction purposes. In such hybrid processing, where possible, personal data would be processed within the vehicle, without disclosing the data to data controllers or processors or without transferring them to a cloud.  In most scenarios the personal data processing could take place based on the individual’s consent or based on a contract with the person, but at the same time there are some uncertainties around the legal basis of data processing to be applied and how the personal data processing requirements can be aligned with other relevant national or EU regulations. To overcome of these uncertainties - which would be beneficial for the data subjects, car manufacturers, authorities, cloud service providers and all other potential involved parties - these specific data processing activities would need to be regulated in a harmonized way in the EU and in that case the data processing would be based on a legal obligation which all parties have to follow. That solution would provide clarity for the data subjects as well and individuals could be absolutely certain that personal data are protected during processing.

Future Work In NordicWay 3 the project will implement an EU harmonized solution for the back end communication developed in C-Roads TF4 “hybrid communication”. The AMQP headers for the Interchange has been developed and agreed – the Basic Interface (BI). A control plane – the Improved Interface (II) has been developed for service discovery automation has also been developed. Other task forces in C-Roads has harmonized “Services” and “Messages”. For the moment C-roads only handle ETSI C-ITS messages, but as the solution is payload agnostic this is in reality “of no concern”. The C-ITS IP Based Interface Profile (Version 1.7.1) will be available from the C-Roads home page (https://www.c-roads.eu/platform.html). Future work should be based (on extensions) of these specifications and then included in the EU harmonized environment to scale over at least EU.

Next Step The video streaming architecture used in the project as well as parts of the communication between the Veoneer car and CTC was developed as a Proof-of-Concept solution and a scalable, encrypted streaming platform would be a natural next step.

The results from the CeViSS project further extends the AD Aware Traffic Control platform making it a very good foundation for new Drive Sweden project. A new project has already been awarded by Vinnova: “AI Aware – AI Powered Awareness for Traffic Safety”; - Investigate how AI can enable predictive awareness in a Smart City context.

CeViSS Final Report v. 1.0 2020-12-07 16

Deliverables WP1 – Central Traffic Cloud Sensor Data Integration

D1.1. Description of used and proposed interfaces and the flow of information. The figure below shows an overview of the flow of information between the systems in the CeViSS project.

Figure 9. Simplified sequence diagram showing the message flow between project partner systems during Use Case tests.

D1.2. A demonstrator within the AD Aware Traffic Cloud. Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

D1.3. A summarizing chapter in the final report. Part of this report. WP2 – Enhanced Cooperative Traffic Safety using Vehicle Sensor Data

D2.1. Report with findings, lessons learned and recommendations. This document.

D2.2. A demonstrator within the AD Aware Traffic Cloud. Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

CeViSS Final Report v. 1.0 2020-12-07 17

D2.3. A summarizing chapter in the final report. Part of this report. WP3 – Volvo Cars Traffic Control

D3.1. Report with findings, lessons learned and recommendations. This document.

D3.2. A demonstrator within the AD Aware Traffic Cloud. Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

D3.3. A summarizing chapter in the final report. Part of this report. WP4 – CEVT Traffic Control and Adaptive Safety

D4.1. Report with findings, lessons learned and recommendations Learning: The CEVT cloud needs to have an accurate position of the CEVT vehicle in order to send alerts in a good timing for the vehicle to have time to react. That leads to the need of considering how to deal with periods when the vehicle might be offline (forest, tunnels, etc.). Consideration: we need to consider also details regarding the app in the vehicle, when it comes to storage (how much travel data, routes, alerts, etc. are to be stored, for how long) and how this might affect the user privacy in terms of GDPR data privacy.

D4.2. Description of used and proposed interfaces and the flow of information The CEVT Cloud receive hazard alerts from Carmenta and it also receives all the CEVT cars positions. Based on that information only location relevant information is sent to each car. Both route prediction and rerouting are handled in the car with some help from the navigation provider. For the details of DEMO set up se picture below.

Figure 10. Overview of the CEVT system solution. Carmenta Cloud is synonymous with the Central Traffic Cloud.

CeViSS Final Report v. 1.0 2020-12-07 18

D4.3. A demonstrator within the AD Aware Traffic Cloud. Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

D4.4. A summarizing chapter in the final report. Part of this report. WP5 – Veoneer Sensor Platform Integration

D5.1. Report with findings, lessons learned and recommendations This document.

D5.2. Description of used and proposed interfaces and the flow of information See Figure 9 above.

D5.3. A demonstrator within the AD Aware Traffic Cloud Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

D5.4. A summarizing chapter in the final report Part of this report. WP6 – Data exchange and connectivity coverage

D6.1. Report with findings, lessons learned and recommendations Connectivity is critical for safe and efficient AD/ADAS to provide data exchange with connected services. Based on measurements and prediction of connectivity along routes, advice can be given on how coverage, capacity and latency in communication can enable connected services supporting AD/ADAS. But this is a very complex issue for many reasons. Vehicles that intend to exchange information may be attached to different networks. Not only geographical position but also actual network load will determine performance (example: a railroad in parallel with the highway and an oncoming train with 400 surfing passengers in 200 km/h). As we made all our tests on Vårgårda airfield and AstaZero there was no point in making any predictions in this project. Ericsson Connected Vehicle Cloud product development are investigating and developing some features in this area nicknamed Network Near Services.

D6.2. Description of used and proposed interfaces and the flow of information The performed use cases of the CeViSS project have proven that the generic Nordic Way Interchange and its interfaces can successfully be used for any data flow, as long as the data volume is not too large. For the CeViSS use case with large data volume, i.e. the use case with streaming video, the actual video streaming was configured to go directly from source OEM cloud to the control center, while the DENM data flow and control data flow could be successfully managed by the Nordic Way Interchange.

CeViSS Final Report v. 1.0 2020-12-07 19

D6.3. A demonstrator within the AD Aware Traffic Cloud Final tests and live demonstrations were successfully completed at AstaZero Test Track, November 19, 2020. A film summarizing the tests and project results was also produced.

The project had its final presentation at “Digital Infrastructure” a virtual Drive Sweden event, December 1:st, 2020.

D6.4. A summarizing chapter in the final report Part of this report. WP7 – Legal aspects & evaluation

D7.1. Report with findings, lessons learned and recommendations Reference to the GDPR report in Appendix 1.

D7.2. Summary of the processing of personal data Report, according to GDPR Data privacy requirements and practices must be considered carefully when personal data are affected as part of certain technical solutions, especially in connected vehicles. Data privacy regulations globally, like the GDPR in the European Union should serve as enablers for implementation of new technologies which can – as in the current scope - contribute to road safety, enhance optimal usage of roads and support police or rescue operations when required. One of the findings of this Data Privacy Compliance Report is that, data and personal data processing related to solutions connected to these special areas should be further regulated and harmonized on an EU-level or even beyond. In general, GDPR allows to use such innovative solutions in connected vehicles, but there are certain limitations for the personal data usage. These limitations come from uncertainties around interpretation of GDPR in these specific new innovative areas, but they also arise due to lack of harmonization of related regulations in the EU which shall be applied beside the GDPR for privacy (not necessarily data privacy). It is also a question how these technical solutions and the related data usage would be perceived by the public and if it would be considered by people as an invasion to privacy. Therefore, to eliminate data privacy related uncertainties, it is recommended to further investigate into the topic and identify potential regulatory measures which can be implemented on an EU-level (or beyond) and would require the usage of the solutions in vehicles which are mentioned in this Data Privacy Compliance Report. In the current EU data privacy regulatory environment our view is that each person shall be given the freedom to choose, if they want to use these technical solutions related to road safety, road management and certain supports, or not. Even if people decide to opt-in, they shall have the possibility to change their view later. Another aspect is that EU Member States might have national regulations or practices which would allow or block the usage of these type of solutions and that would need to be reviewed on a country-by country level. If specific regulatory requirements are implemented for these areas which are directly applicable in all EU Member States, it would support all parties, including manufacturers and authorities, and significantly limit potential connected compliance risks.

CeViSS Final Report v. 1.0 2020-12-07 20